add change password page
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone/tag Build is passing

This commit is contained in:
stryan 2023-04-10 17:51:49 -04:00
parent a85f3b5769
commit 104982103d
6 changed files with 126 additions and 6 deletions

View File

@ -119,7 +119,7 @@ func loginLDAPAccount(uname string, pwd string) error {
return nil return nil
} }
func resetLDAPAccountPassword(user string, newPass string) error { func resetLDAPAccountPassword(user string, oldPass, newPass string) error {
url := Conf.Ldap.Url url := Conf.Ldap.Url
userdn := fmt.Sprintf("%v=%v,%v,%v", Conf.Ldap.UserAttr, user, Conf.Ldap.UserOu, Conf.Ldap.LdapDc) userdn := fmt.Sprintf("%v=%v,%v,%v", Conf.Ldap.UserAttr, user, Conf.Ldap.UserOu, Conf.Ldap.LdapDc)
binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc) binddn := fmt.Sprintf("%v,%v", Conf.Ldap.AdminUser, Conf.Ldap.LdapDc)
@ -151,7 +151,7 @@ func resetLDAPAccountPassword(user string, newPass string) error {
err_text := fmt.Sprintf("Error finding login user: Wanted 1 result, got %v\n", len(result.Entries)) err_text := fmt.Sprintf("Error finding login user: Wanted 1 result, got %v\n", len(result.Entries))
return errors.New(err_text) return errors.New(err_text)
} }
passwordModifyRequest := ldap.NewPasswordModifyRequest(userdn, "", newPass) passwordModifyRequest := ldap.NewPasswordModifyRequest(userdn, oldPass, newPass)
_, err = l.PasswordModify(passwordModifyRequest) _, err = l.PasswordModify(passwordModifyRequest)
if err != nil { if err != nil {

View File

@ -45,6 +45,11 @@ func main() {
router.HandleFunc("/reset/form", reset).Methods("POST") router.HandleFunc("/reset/form", reset).Methods("POST")
router.HandleFunc("/reset/success", resetSuccessPage).Methods("GET") router.HandleFunc("/reset/success", resetSuccessPage).Methods("GET")
router.HandleFunc("/reset/error", resetErrorPage).Methods("GET") router.HandleFunc("/reset/error", resetErrorPage).Methods("GET")
router.HandleFunc("/change", changePageFront).Methods("GET")
router.HandleFunc("/change", change).Methods("POST")
router.HandleFunc("/change/success", changeSuccessPage).Methods("GET")
router.HandleFunc("/change/error", changeSuccessPage).Methods("GET")
log.Printf("Registering templates from %v/\n", Conf.TplPath) log.Printf("Registering templates from %v/\n", Conf.TplPath)
tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*")) tpl = template.Must(template.ParseGlob(Conf.TplPath + "/*"))
if Conf.UserTplPath != "" { if Conf.UserTplPath != "" {

View File

@ -57,17 +57,39 @@ func reset(res http.ResponseWriter, req *http.Request) {
return return
} }
log.Printf("Attempting to reset password for %v", user) log.Printf("Attempting to reset password for %v", user)
err = resetLDAPAccountPassword(user, newPass) err = resetLDAPAccountPassword(user, "", newPass)
if err == nil { if err == nil {
log.Printf("reset password for %v\n", user) log.Printf("reset password for %v\n", user)
http.Redirect(res, req, "/reset/success", 302) http.Redirect(res, req, "/reset/success", 302)
return return
} else { }
log.Printf("failed to reset password for %v:%v\n", user, err) log.Printf("failed to reset password for %v:%v\n", user, err)
http.Redirect(res, req, "/reset/error", 302) http.Redirect(res, req, "/reset/error", 302)
return return
} }
func change(res http.ResponseWriter, req *http.Request) {
oldPass := req.FormValue("old_password")
newPass := req.FormValue("new_password")
user := getUserName(req)
if user == "" {
log.Printf("Error changing password without a username\n")
http.Error(res, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
return
}
log.Printf("Attempting to change password for %v", user)
err := resetLDAPAccountPassword(user, oldPass, newPass)
if err != nil {
log.Printf("failed to change password for %v:%v\n", user, err)
http.Redirect(res, req, "/change/error", 302)
return
}
log.Printf("change password for %v\n", user)
http.Redirect(res, req, "/change/success", 302)
return
} }
func sendMail(recp string, uname string, token string) error { func sendMail(recp string, uname string, token string) error {

View File

@ -0,0 +1,59 @@
{{ define "change_password_page_front" }}
{{ template "header" .}}
<body>
<div>
<form method="POST" action="/change">
<table>
<tr>
<td>Current Password:</td>
<td><input type="password" id="old_password" name="old_password"</td>
</tr>
<tr>
<td>New Password:</td>
<td><input type="password" id="new_password" name="new_password" pattern="(?=.*\d)(?=.*[a-z]).{8,}" title="Must contain at least one number and at least 8 or more characters" required></td>
</tr>
<tr>
<td>Confirm New Password:</td>
<td><input type="password" name="confirm_password" id="confirm_password" onchange="check()"/></td>
<td><span id='message'></span></td>
<td><input type="checkbox" onclick="showPass()">Show Passwords</td>
<tr>
<td><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
</div>
<div id="requirements">
<h3>Password must contain the following:</h3>
<p id="letter" class="invalid">A <b>lowercase</b> letter</p>
<p id="capital" class="invalid">A <b>capital (uppercase)</b> letter</p>
<p id="number" class="invalid">A <b>number</b></p>
<p id="length" class="invalid">Minimum <b>8 characters</b></p>
</div>
<script>
function check() {
if(document.getElementById('password').value ===
document.getElementById('confirm_password').value) {
document.getElementById('message').innerHTML = "Passwords match";
} else {
document.getElementById('message').innerHTML = "Passwords don't match";
}
}
function showPass() {
var x = document.getElementById("password");
if (x.type === "password") {
x.type = "text";
} else {
x.type = "password";
}
var x = document.getElementById("confirm_password");
if (x.type === "password") {
x.type = "text";
} else {
x.type = "password";
}
}
</script>
{{ template "footer" .}}
{{ end }}

View File

@ -2,6 +2,7 @@
{{ template "header" .}} {{ template "header" .}}
{{if .LoggedIn }} {{if .LoggedIn }}
<p><a href="/token">Get Token</a></p> <p><a href="/token">Get Token</a></p>
<p><a href="/change">Change Password</a></p>
<p><a href="/profile/view">Profile</a></p> <p><a href="/profile/view">Profile</a></p>
<p><a href="/minecraft">Minecraft Account Status</a></p> <p><a href="/minecraft">Minecraft Account Status</a></p>
{{else}} {{else}}

33
web.go
View File

@ -103,6 +103,39 @@ func minecraftLinkErrorPage(res http.ResponseWriter, req *http.Request) {
genericErrorPage(res, "Minecraft Link Failure", u, true, "Undefined", "link Minecraft account.") genericErrorPage(res, "Minecraft Link Failure", u, true, "Undefined", "link Minecraft account.")
return return
} }
func changePageFront(res http.ResponseWriter, req *http.Request) {
u := getUserName(req)
if u == "" {
http.Redirect(res, req, "/reset", 302)
}
data := struct {
Title string
Username string
LoggedIn bool
}{
"Change Password",
u,
true,
}
tpl.ExecuteTemplate(res, "change_password_page_front", data)
}
func changeSuccessPage(res http.ResponseWriter, req *http.Request) {
log.Println("GET /change/success")
u := getUserName(req)
genericSuccessPage(res, "Change Password Success", u, false, "Succesfully Changed Password")
return
}
func changeErrorPage(res http.ResponseWriter, req *http.Request) {
log.Println("GET /change/error")
u := getUserName(req)
genericErrorPage(res, "Change Password Failure", u, false, "Undefined", "reset password")
return
}
func resetPageFront(res http.ResponseWriter, req *http.Request) { func resetPageFront(res http.ResponseWriter, req *http.Request) {
log.Println("GET /reset") log.Println("GET /reset")
u := getUserName(req) u := getUserName(req)